Kaspersky versus Microsoft on security

Kaspersky Lab complained recently that Microsoft uses “underhand tactics” to remove third-party antivirus where in June took its complaints over Windows 10’s handling of third-party antivirus to the European Commission and the German Federal Cartel Office.

One of the key complaints is that Windows 10 uninstalls Kaspersky antivirus without the consent of users and enables the built-in Windows Defender, which could happen during major Windows updates if a third-party security product is incompatible with the latest version of Windows.

Microsoft replied that with the Windows 10 Creators Update, the customer will be advised to install a new version of their security application right after the update completed. To do this, the software upgrade first temporarily disabled some parts of the security software when the update began. Microsoft claims they worked with anti-virus partners. Maybe Kaspersky wasn’t included.

Kaspersky founder Eugene Kaspersky has accused Microsoft of using shady methods to “fiercely promote its own inferior” product, Windows Defender, over third-party antivirus already installed on Windows 10 PCs. Microsoft claims its Windows Defender is a strong security product. {Security testers say not really.]

Kaspersky also complained that security vendors have little time to make their product compatible, compared with previous versions of Windows [since Windows 10 gets upgraded every 6 months]. ESET is cited with similar compatibility problems with the Windows 10 Anniversary Update.

But with the number of security vendors, two [the known vendors that have complained] is very small. In addition, there is a few weeks before the “RTM” and the actual release date. How come others security vendors aren’t having compatibility problems? Not McAfee, not Symantec, not Avast, not AVG, …. [As far as I know.]

If an security subscription expires, only then will Windows Defender begin providing protection.

Kaspersky complained that Windows users don’t need to pay for third-party antivirus because of Windows Defender. As well, they claim that Microsoft’s tech support staff have advised users to uninstall Kaspersky.

You can put a big chunk of the blame on Kaspersky themselves. Has any other security vendor complained? So why just them? Maybe Kaspersky has a grudge going on with Microsoft.

Does Kaspersky bother to tell those with Kaspersky software installed that if they have a valid subscription they can upgrade to the latest version? I guess not. This alone makes their clients less secure.

The only alternative is for Microsoft to have a pop-up window with something like:
“Your crappy security software is unsupported. Please upgrade to the latest version. Alternatively, with your approval, Windows 10 will be upgraded and your crappy security software will be removed and replaced by Windows Defender. You can then upgrade your crappy security software following the upgrade.”

In a virtual machine of mine, my Panda Free-AV was upgraded for me automatically yesterday. Shouldn’t be too hard for Kaspersky to do this.

Someone I know has a 3 years subscription to Kaspersky Total Security. Something went wonky and the computer wouldn’t update anymore. Chatted online and was told it would be escalated. Didn’t hear from them and they closed the incident after a week. Contacted them again and was told an email was sent out with a new activation code. Never got it. It was resent. Damn thing expires in 3 months when the old key had 16 months left. Really crappy support.

 

Changes to Windows Server 2016 updates

Microsoft made some changes …. again…. When it comes to updates. With Windows Server 2016, initially there would only be one major release per year [compared to Windows 10 which gets major updates every 6 months]. Last week, Microsoft changed this. From now on [until the next change!], Microsoft will release major server updates the same time as major Windows 10 updates [March and September].

Unlike Windows 10 [well officially], you will have the option to not upgrade once between each major update [i.e. go from v1703 to v1803 and ignore v1709]. Server releases will be supported for 18 months. The Semi-annual Channel [as they call it] will be available to volume-licensed customers with Software Assurance, as well as via the Azure Marketplace or other cloud/hosting service providers and loyalty programs such as MSDN.

This duplicates the updating of Windows 10 as well as Office.

 

Blocking the latest Microsoft .net Framework in Windows

There is the occasional time where you want to disable Windows from upgrading to the latest .net Framework from Microsoft. As of this time, the latest version is version 4.7. The following can disable the installation:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\WU]

“BlockNetFramework47″=dword:00000001

.net Framework 4.7 incorporates all the updates and updates backwards to 4.0 [i.e. 4.0., 4.5, 4.5.1, 4.6, 4.6.1 and 4.6.2]. From the above, you can replace the version in the registry settings with the version number without the decimal [for example, BlockNetFramework462 for version 4.6.2.] .net Framework 4.x series does not replace .net framework 3.5 series.

Microsoft Exchange, for example, is at this time not compatible with .net framework 4.7.

To enable the installing, replace the “1” above in the registry settings by a “0”. Note that you can still manually install .net Framework.

Now what is .net Framework? Unless you’re a developer, you really don’t need a lot of knowledge to make use of .net Framework. You just need to know it is working. The .net Framework contains thousands of pieces of shared code which helps developers as it is much easier because they don’t have to repeat the need to perform some common function. They can instead re-use the shared code in other applications. In earlier days when high speed internet wasn’t as common, it was easier for developers to include their application only as the shared code is already installed.

Note: As usual, when modifying the registry, back it up first. And use at your own risk.

 

Microsoft releases more security updates for non-supported OSs

Looks like Microsoft has made available some more security updates for some unsupported operating systems [Windows Server 2003, Windows XP, Windows Vista and Windows 8].

https://support.microsoft.com/en-us/help/4025687

Some links may not be available [at “press time”] but are available through the Windows Update Catalog.

Notes:

  • That Windows Server 2008 is extended to end when Windows Server 2008 R2 ends in a few years.
  • Windows 8 uses can upgrade to Windows 8.1 or Windows 10 [both free of charge] to be supported now.

 

Miscellaneous computer tips – Volume 5

Tip #1:

If you have a Hotmail.com/.ca, outlook.com/.ca or live.com/.ca account and use the web site [not just an application] this may be of interest for you. Microsoft added a feature called “Focus” I guess it highlights new Emails. If you don’t want it, follow these steps to disable it:

  1. Towards the upper right corner within the web page, click on the wheel and then “Options” down at the bottom.
  2. Scroll down on the left [near the bottom] and choose “Focused inbox”.
  3. On the right, if you don’t want the feature, select “Don’t sort messages”.
  4. Click on the “Save” button above.
  5. To go back to your mail, click on the left arrow next to “Options” near the top left of the web page.

You can return to the focused inbox by reversing things any time you want.

Tip #2:

For those on the run around the world or maybe you have clients in multiple time zones, you can add 2 additional clocks in Windows that can be visible when you click on the date and time in the right corner. But say 3 isn’t enough. You can add as many as you want by modifying the registry. Note that this is a per user setting.

  1.  Open the registry editor, REGEDIT.
  2.  Navigate to HKEY_CURRENT_USER\Control Panel\.
  3.  Add the following keys in sequence: TimeDate, AdditionalClocks, 1. So it should look like HKEY_CURRENT_USER\Control Panel\TimeDate\AdditionalClocks\1
  4. Under the 1 key, create a new 32-bit DWORD value called Enable and set its value data to 1.
  5. The create a new string value named DisplayName and set it to any desired name which will be used when viewing the time. You can call it a specific place or something like “Home”, “Bob”, etc.
  6. The create a new string value named TzRegKeyName. This will be one of the manu actual time zones around the world. Choose one from: Afghanistan Standard Time, Alaskan Standard Time, Arab Standard Time, Arabian Standard Time, Arabic Standard Time, Argentina Standard Time, Atlantic Standard Time, AUS Central Standard Time, AUS Eastern Standard Time, Azerbaijan Standard Time, Azores Standard Time, Bahia Standard Time, Bangladesh Standard Time, Belarus Standard Time, Canada Central Standard Time, Cape Verde Standard Time, Caucasus Standard Time, Central America Standard Time, Cen. Australia Standard Time, Central Asia Standard Time, Central Brazilian Standard Time, Central Europe Standard Time, Central European Standard Time, Central Pacific Standard Time, Central Standard Time, Central Standard Time (Mexico), China Standard Time, Dateline Standard Time, E. Africa Standard Time, E. Australia Standard Time, E. Europe Standard Time, E. South America Standard Time, Eastern Standard Time, Eastern Standard Time (Mexico), Easter Island Standard Time, Egypt Standard Time, Ekaterinburg Standard Time, Fiji Standard Time, FLE Standard Time, Georgian Standard Time, GMT Standard Time, Greenland Standard Time, Greenwich Standard Time, GTB Standard Time, Hawaiian Standard Time, India Standard Time, Iran Standard Time, Israel Standard Time, Jordan Standard Time, Kaliningrad Standard Time, Korea Standard Time, Libya Standard Time, Line Islands Standard Time, Magadan Standard Time, Mauritius Standard Time, Middle East Standard Time, Montevideo Standard Time, Morocco Standard Time, Mountain Standard Time, Mountain Standard Time (Mexico), Myanmar Standard Time, Namibia Standard Time, Nepal Standard Time, New Zealand Standard Time, Newfoundland Standard Time, North Asia East Standard Time, North Asia Standard Time, N. Central Asia Standard Time, Pacific SA Standard Time, Pacific Standard Time, Pacific Standard Time (Mexico), Pakistan Standard Time, Paraguay Standard Time, Romance Standard Time, Russia Time Zone 3, Russia Time Zone 10, Russia Time Zone 11, Russian Standard Time, Samoa Standard Time, South Africa Standard Time, SA Eastern Standard Time, SA Pacific Standard Time, SA Western Standard Time, SE Asia Standard Time, Singapore Standard Time, Sri Lanka Standard Time, Syria Standard Time, Taipei Standard Time, Tasmania Standard Time, Tokyo Standard Time, Tonga Standard Time, Turkey Standard Time, US Eastern Standard Time, US Mountain Standard Time, UTC, UTC-02, UTC-11, UTC+12, Venezuela Standard Time, Vladivostok Standard Time, West Asia Standard Time, W. Australia Standard Time, W. Central Africa Standard Time, W. Europe Standard Time, West Pacific Standard Time, Yakutsk Standard Time

So it could look like something below if you created a registry file:

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\TimeDate\AdditionalClocks\1]

“Enable”=dword:00000001

“DisplayName”=”Home”

“TzRegKeyName”=”Hawaiian Standard Time”

Tip #3:

Ever wanted to change the boot-up, login and locked screen in Windows 7? [This feature is in the Settings section in Windows 8.1 and 10.]

Find or create an image. Requirements:

  • must be less than 256 KB in size
  • convert to JPG
  • match resolution of the screen if possible
  • the name should be backgroundDefault.jpg [note the capitol “D” – strange].

Open the registry and go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background
  • Create or change value named OEMBackground to 1 [it’s a REG_DWORD].
  • Go to C:\Windows\System32\oobe\info\backgrounds
  • If not there, create the missing folder(s).
  • Copy backgroundDefault.jpg into the backgrounds folder.
  • The change takes effect immediately. There is no need to restart your computer.

Note:

As usual, when modifying the registry, take precautions such as backing the registry up first. Use at your own risk.

WannaCrypt may have been a dud for most

While the WannaCrypt/WannaCry ransomware caused some havoc, primarily in Europe and mostly of them in eastern Europe, with the infection hitting in the 6 figures, it turned out to be a big dud.

First, many did not pay the ransom. I am guessing many of those in eastern Europe cannot afford $300+.

Second, while it heavily affected those with Windows 7 computers, I suspect many of those are unprotected or not patched as they could be pirated copies of Windows 7. Eastern Europe and Asia [also hit hard] are notorious for high piracy rates. Many with pirated copies do not want to possible compromise their system with an update that could botch their copies.

Third, even though somewhere around an estimated 10 percent of computers are still using Windows XP, an operating system that has had no support for about 3 years, those who programmed botched things up because when WannaCrypt got onto those computers they wouldn’t spread to other computers and many of them would crash.

Kaspersky claims almost 98% of machines infected were Windows 7 based. Servers were just over 1% and most of those were Server 2008 R2.  Windows 10 accounted for 0.03% [I guess some turned off Windows Updates]. Servers account for 1.4% with most of them on Windows Server 2008 R2 – the server version of Windows 7.

WannaCry/WannaCrypt Microsoft Windows patches

If you are up to date on Windows patching, you should be covered. If not, you can still get the patch at http://catalog.update.microsoft.com/v7/site/Search.aspx?q=4012598.

It is important to know that Microsoft also release patches for unsupported Windows XP SP3 and Windows Server 2003.